Exim Miscellany

This page contains a number of topics that are unrelated to other web pages, some of the articles are small and not all controllable features have been documented as they are very specialized, again I point you to the official web site.

Security Issues

There are three issues that Exim must address

You normally configure a specific user and group for Exim, you can also define the user when you compile the source using the "EXIM_USER=<user>" option in the makefile. You can also use the "exim_user=<user>" option in the configuration file.

To allow other users to access Exim add them to Exim group and change the permission on some of the files which will allow them to administer Exim.

Exim requires root privilege to configure the Exim daemon to listen on port 25 (a privileged port), to access other users forward files as these will only have the users privilege access, to achieve this the Exim binary has setuid set, this means that whenever the program is started the effective uid is changed to root. The root privilege is given up when it no longer needs it for example when receiving messages from any source. It is generally a bad idea to run the local deliveries as root as this requires to much privilege, you can limit the privileges by using the "never_users = root" option, this can be overriden by the build-time variable fixed_never_users (this can never be overriden).

Privileged Users

Exim uses two kind of users trusted and admin, both allow you to perform privileged functions within Exim.

Trusted users may override certain information when submitting messages via the command line (The Exim and root users are automatically trusted). The trusted_users option allows to use privileged options on the commandline.

trusted_users

trusted_users = uucp : pvalle

# You can now use the privilged option -f on the commandline

exim -f 'paulvalleeee@datadisk.co.uk'

Note: using the -f overrides the automatically generated sender address, if you have the privilege

You can use the option untrusted_set_sender to allow address that untrusted users are allowed to set.

untrusted_set_sender

untrusted_set_sender = ^$sender_ident-

Note: restricts users to setting senders that start with their login id followed by a hyphen

Admin users are allowed to set options that affect the running of Exim, (start a daemon, remove messages). By default the Exim user and root are admin users, you allow users admin access by adding them to the Exim group.

You can open two privilege actions

Allow any user to start a Exim queue run

prod_requires_admin = false

Note: if set to false then any user may start an Exim queue run by means of the -q option, you can also use the -M option

View messages on the the Queue

queue_list_requires_admin = false

Note: if set to false any user may list the messages on the queue by means of the -bp option.

Exim has an option admin_groups which allows groups of users to have admin rights

Admin privileges for groups admin_groups = sysadmin

Timestamps

You can override the local wallclock time zone using the option timezone, it takes its default setting from the TZ environment variable.

setting the timezone timezone = UTC

Checking Pool Space

You can perform some checking of disk space requirements, inodes available before accepting a message.

Check there is enough disk space check_spool_space = 50M
Check there are enough inodes available check_spool_inodes = 100

Control of DNS lookups

Exim checks domains names before passing them to a resolver by matching them against a regular expression specified by the option dns_check_names_pattern, it only permits letters, digits, slashes and hyphens and requires them to neither start or end with a hyphen or a slash. If the name contains one of the invalid characters then it persumes that DNS returned a "not found". This can cause messages to be retried many times before timing out. You can use two options dns_retry and dns_retrans to adjust the timing values of retries and retransmissions.

Bounce Message Handling

You can alter the way Exim handles or generates bounce messages which includes warning messages which are sent after a message has been on the queue for a specified time.

When Exim generates a bounce message it inserts a From: header line specifying the sender as Mailer-daemon at the qualifying domain. This can cause problems as user generally reply to such messages so you may want to alias Mail-daemon to postmaster. You can also set the option errors_reply_to which provides the text for a Reply-To: header.

Reply-To: header errors_reply_to = postmaster@datadisk.co.uk

You can also take a copy of a bounced message, using the option errors_copy, this can be fine tuned

Copy of a bounced message

errors_copy = complaints@datadisk.co.uk postmaster@datadisk.co.uk

errors_copy = *@datadisk.co.uk postmaster@datadisk.co.uk

By default Exim sends a warning message every 24 Hours when a messasge is delayed, this can be adjusted

Delayed warning messages

delay_warning = 48h           # send a warning message after 24 hours

delay_warning = 0             # never send a warning message

delay_warning = 4h:24h:4w     # send a warning message after 4 hours, then 24 hours, then 4 weeks

You can change the text of the bounced message (default is built into the Exim code), using the option bounce_message_text

Bounced Text

bounce_message_text = For any help please ask your postmaster

bounce_message_file = /etc/exim/bounce_message_text

Note: use the Exim website obtain a bounce_message_file template.

SMTP Banner String

Exim allows you to change the SMTP banner which is the initial response SMTP sends when a connection is made.

SMTP Banner

smtp_banner = $primary_hostname ESMTP Exim $version_number $tod_full

smtp_banner = "Datadisk SMTP Server"

Note: for security reason sometimes less information is best